7 Replies Latest reply: Dec 18, 2012 10:49 AM by Nitin Rao RSS

RFC connection fails with error ICM_HTTP_SSL_ERROR in SAP XI/PI system

sreedhar reddy bethi
Currently Being Moderated

Hi Team,

 

RFC connections GB_DPSRETRIEVE and GB_DPS which  connects to govt gateway are not working from past 4 days these connections are failing with error ICM_HTTP_SSL_ERROR,we have not changed any thing from our side,we had similar issue in January 2010 where SAP has released note saying HMRC have renewed the existing Government Gateway Security Certificate for DPS which we have already renewed.Kindly let me know if some one had similar problem

Please find ICM trace details below:

 

[Thr  8] *** ERROR => IcmConnInitClientSSL: SapSSLSessionStart failed (-57): SSSLERR_SSL_CONNECT [icxxconn_mt.c 2012]

[Thr 12] Fri Oct 15 14:45:10 2010

[Thr 12] *** ERROR during SecudeSSL_SessionStart() from SSL_connect()==SSL_ERROR_SSL

[Thr 12]    session uses PSE file "/usr/sap/XID/DVEBMGS95/sec/SAPSSLA.pse"

[Thr 12] SecudeSSL_SessionStart: SSL_connect() failed

  secude_error 9 (0x00000009) = "the verification of the server's certificate chain failed"

[Thr 12] >>            Begin of Secude-SSL Errorstack            >>

[Thr 12] ERROR in ssl3_get_server_certificate: (9/0x0009) the verification of the server's certificate chain failed

ERROR in af_verify_Certificates: (24/0x0018) Chain of certificates is incomplete : "OU=Class 3 Public Primary Certification Auth

ERROR in get_path: (24/0x0018) Can't get path because the chain of certificates is incomplete

[Thr 12] <<            End of Secude-SSL Errorstack

[Thr 12]   SSL_get_state() returned 0x00002131 "SSLv3 read server certificate B"

[Thr 12]   SSL socket: local=10.196.66.25:57991  peer=10.196.3.3:8000

[Thr 12] <<- ERROR: SapSSLSessionStart(sssl_hdl=0x1068b6050)==SSSLERR_SSL_CONNECT

[Thr 12] *** ERROR => IcmConnInitClientSSL: SapSSLSessionStart failed (-57): SSSLERR_SSL_CONNECT [icxxconn_mt.c 2012]

[Thr 12] Fri Oct 15 14:48:35 2010

[Thr 12] *** ERROR during SecudeSSL_SessionStart() from SSL_connect()==SSL_ERROR_SSL

[Thr 12]    session uses PSE file "/usr/sap/XID/DVEBMGS95/sec/SAPSSLA.pse"

[Thr 12] SecudeSSL_SessionStart: SSL_connect() failed

  secude_error 9 (0x00000009) = "the verification of the server's certificate chain failed"

[Thr 12] >>            Begin of Secude-SSL Errorstack            >>

[Thr 12] ERROR in ssl3_get_server_certificate: (9/0x0009) the verification of the server's certificate chain failed

ERROR in af_verify_Certificates: (24/0x0018) Chain of certificates is incomplete : "OU=Class 3 Public Primary Certification Auth

ERROR in get_path: (24/0x0018) Can't get path because the chain of certificates is incomplete

[Thr 12] <<            End of Secude-SSL Errorstack

[Thr 12]   SSL_get_state() returned 0x00002131 "SSLv3 read server certificate B"

[Thr 12]   SSL socket: local=10.196.66.25:58180  peer=10.196.3.3:8000

[Thr 12] <<- ERROR: SapSSLSessionStart(sssl_hdl=0x1068b6050)==SSSLERR_SSL_CONNECT

[Thr 12] *** ERROR => IcmConnInitClientSSL: SapSSLSessionStart failed (-57): SSSLERR_SSL_CONNECT [icxxconn_mt.c 2012]

 

 

Thanks & Regards,

 

Sree

Actions